package com.sp2p.action.front;

import java.io.IOException;
import java.sql.SQLException;
import java.text.ParseException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import net.sf.json.JSONObject;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.junit.internal.runners.statements.Fail;

import com.gofull.gateway.sms.util.SMSUtil;
import com.shove.Convert;
import com.shove.data.DataException;
import com.shove.util.SqlInfusion;
import com.shove.web.util.DesSecurityUtil;
import com.shove.web.util.JSONUtils;
import com.sp2p.constants.IConstants;
import com.sp2p.entity.User;
import com.sp2p.service.BeVipService;
import com.sp2p.service.HomeInfoSettingService;
import com.sp2p.service.IDCardValidateService;
import com.sp2p.service.MyHomeService;
import com.sp2p.service.RegionService;
import com.sp2p.service.UserService;
import com.sp2p.service.ValidateService;
import com.sp2p.service.admin.SMSInterfaceService;

public class FrontMyInformation extends BaseFrontAction {

	public static Log log = LogFactory.getLog(FrontMyInformation.class);
	private static final long serialVersionUID = 1L;

	private UserService userService;

	private RegionService regionService;
	private ValidateService validateService;
	private BeVipService beVipService;
	private IDCardValidateService iDCardValidateService;
	private MyHomeService myHomeService;
	private HomeInfoSettingService homeInfoSettingService;

	private List<Map<String, Object>> provinceList;
	private List<Map<String, Object>> cityList;
	private List<Map<String, Object>> areaList;
	private List<Map<String, Object>> regcityList;

	private long workPro = -1L;// 初始化省份默认值
	private long cityId = -1L;// 初始化话默认城市
	private long regPro = -1L;// 户口区域默认值
	private long regCity = -1L;// 户口区域默认值
	
	private SMSInterfaceService sMsService;

	public void setsMsService(SMSInterfaceService sMsService) {
		this.sMsService = sMsService;
	}

	public void setMyHomeService(MyHomeService myHomeService) {
		this.myHomeService = myHomeService;
	}

	public void setHomeInfoSettingService(
			HomeInfoSettingService homeInfoSettingService) {
		this.homeInfoSettingService = homeInfoSettingService;
	}

	/**
	 * 查询个详细信息
	 * 
	 * @return
	 * @throws Exception
	 */
	public String queryBaseData() throws Exception {
		Map<String, String> map = new HashMap<String, String>();
		User user = (User) session().getAttribute("user");
		String birth = null;
		String rxedate = null;
		if (user != null) {
			map = userService.queryPersonById(user.getId());
			if (map != null && map.size() > 0) {
				workPro = Convert
						.strToLong(map.get("nativePlacePro") + "", -1L);
				cityId = Convert
						.strToLong(map.get("nativePlaceCity") + "", -1L);
				regPro = Convert.strToLong(map.get("registedPlacePro") + "",
						-1L);
				regCity = Convert.strToLong(map.get("registedPlaceCity") + "",
						-1L);
				birth = Convert.strToStr(map.get("birthday"), null);
				rxedate = Convert.strToStr(map.get("eduStartDay"), null);
				if (birth != null) {
					birth = birth.substring(0, 10);
				}
				if (rxedate != null) {
					rxedate = rxedate.substring(0, 10);
				}

			}
		} else {
			return "login";
		}
		// 判断用户是否已经填写了基本信息
		String flag = "";
		if (map != null && map.size() > 0) {// 用户基本资料有数据但是不一定是已经填写了基本资料信息
			// 还有可能是上传了个人头像
			if (!StringUtils.isBlank(map.get("realName"))) {// 不为空
				flag = "1";
			} else {
				flag = "2";
			}
		} else {
			flag = "2";
		}
		request().setAttribute("flag", flag);
		provinceList = regionService.queryRegionList(-1L, 1L, 1);
		cityList = regionService.queryRegionList(-1L, workPro, 2);
		regcityList = regionService.queryRegionList(-1L, regPro, 2);
		request().setAttribute("map", map);
		request().setAttribute("provinceList", provinceList);
		request().setAttribute("cityList", cityList);
		request().setAttribute("regcityList", regcityList);
		request().setAttribute("birth", birth);
		request().setAttribute("rxedate", rxedate);
		request().setAttribute("realName", user.getRealName());

		String tab_type = request("tab_type") == null ? null
				: request("tab_type");
		if (tab_type != null) {
			request().setAttribute("tab_type", tab_type);
		}

		String yy = request("yy") == null ? null : request("yy");
		if (yy != null) {
			request().setAttribute("yy", yy);
		}
		Map<String, String> pmap = userService.queryPersonById(user.getId());
		if (pmap != null && pmap.size() > 0) {
			request().setAttribute("pass", pmap.get("auditStatus"));
		}
		int authStep = user.getAuthStep();
		if (authStep < 2) {
			request().setAttribute("person", "0");
		} else {
			request().setAttribute("person", "1");
		}
		request().setAttribute("ISDEMO", IConstants.ISDEMO);

		// 合和年 查询 家庭联系人信息
		Map<String, String> family = userService.queryFamilyById(user.getId());
		request().setAttribute("family", family);
		return SUCCESS;
	}

	// 添加或更新个人信息
	public String updateUserBaseData() throws Exception {
		User user = (User) session("user");

		JSONObject json = new JSONObject();
		String realName = SqlInfusion.FilteSqlInfusion(paramMap.get("realName"));// 真实姓名
		if (StringUtils.isBlank(realName)) {
			json.put("msg", "请正确填写真实名字");
			JSONUtils.printObject(json);
			return null;
		} else if (2 > realName.length() || 20 < realName.length()) {
			json.put("msg", "真实姓名的长度为不小于2和大于20");
			JSONUtils.printObject(json);
			return null;
		}

		String idNo =SqlInfusion.FilteSqlInfusion( paramMap.get("idNo"));// 身份证号码
		long len = idNo.length();
		if (StringUtils.isBlank(idNo)) {
			json.put("msg", "请正确输入身份证号码");
			JSONUtils.printObject(json);
			return null;
		} else if (15 != len) {
			if (18 == len) {
			} else {
				json.put("msg", "请正确输入身份证号码");
				JSONUtils.printObject(json);
				return null;
			}
		}
		// 验证身份证
		String iDresutl = "";
		// iDresutl = iDCardValidateService.IDCardValidate(idNo);
		if (iDresutl != "") {
			json.put("msg", "身份证不合法");
			JSONUtils.printObject(json);
			return null;
		}
		String cellPhone = SqlInfusion.FilteSqlInfusion(paramMap.get("cellPhone"));// 手机号码
		// 判断是否是手机注册用户
		String iscellPhone = SqlInfusion.FilteSqlInfusion(paramMap.get("iscellPhone"));
		if (StringUtils.isBlank(iscellPhone)) {
			if (StringUtils.isBlank(cellPhone)) {
				json.put("msg", "请正确填写手机号码");
				JSONUtils.printObject(json);
				return null;
			} else if (cellPhone.length() < 9 || cellPhone.length() > 15) {
				json.put("msg", "手机号码长度不对");
				JSONUtils.printObject(json);
				return null;
			}

			/**
			 * 判定用户是否已存在记录
			 */
			Map<String, String> pMap = null;

			pMap = beVipService.queryPUser(user.getId());
			// 验证手机的唯一性
			Map<String, String> phonemap = null;
			phonemap = beVipService.queryIsPhone(cellPhone);

			if (pMap == null) {

				if (phonemap != null) {
					json.put("msg", "手机已存在");
					JSONUtils.printObject(json);
					return null;
				}

				if (phonemap == null) {
					String phonecode = null;
					try {
						Object obje = session().getAttribute("phone");
						if (obje != null) {
							phonecode = obje.toString();
						} else {
							json.put("msg", "请输入正确的验证码");
							JSONUtils.printObject(json);
							return null;
						}
					} catch (Exception e) {
						e.printStackTrace();
					}

					if (phonecode != null) {
						if (!phonecode.trim().equals(cellPhone.trim())) {
							json.put("msg", "与获取验证码手机号不一致");
							JSONUtils.printObject(json);
							return null;
						}

					}
					// 验证码
					String vilidataNum = SqlInfusion.FilteSqlInfusion(paramMap.get("vilidataNum"));
					if (StringUtils.isBlank(vilidataNum)) {
						json.put("msg", "请填写验证码");
						JSONUtils.printObject(json);
						return null;
					}

					String randomCode = null;
					Object objec = session().getAttribute("randomCode");
					if (objec != null) {
						randomCode = objec.toString();
					} else {
						json.put("msg", "请输入正确的验证码");
						JSONUtils.printObject(json);
						return null;
					}
					if (randomCode != null) {
						if (!randomCode.trim().equals(vilidataNum.trim())) {

							json.put("msg", "请输入正确的验证码");
							JSONUtils.printObject(json);
							return null;
						}

					}

				}

			}

		}

		String sex = SqlInfusion.FilteSqlInfusion(paramMap.get("sex"));// 性别(男 女)
		if (StringUtils.isBlank(sex)) {
			json.put("msg", "请正确填写性别");
			JSONUtils.printObject(json);
			return null;
		}

		String birthday = SqlInfusion.FilteSqlInfusion(paramMap.get("birthday"));// 出生日期
		if (StringUtils.isBlank(birthday)) {
			json.put("msg", "请正确填写出生日期");
			JSONUtils.printObject(json);
			return null;
		}

		String highestEdu = SqlInfusion.FilteSqlInfusion(paramMap.get("highestEdu"));// 最高学历
		if (StringUtils.isBlank(highestEdu)) {
			json.put("msg", "请正确填写最高学历");
			JSONUtils.printObject(json);
			return null;
		}

		String eduStartDay =SqlInfusion.FilteSqlInfusion( paramMap.get("eduStartDay"));// 入学年份
		if (StringUtils.isBlank(eduStartDay)) {
			json.put("msg", "请正确填写入学年份");
			JSONUtils.printObject(json);
			return null;
		}

		String school = SqlInfusion.FilteSqlInfusion(paramMap.get("school"));// 毕业院校
		if (StringUtils.isBlank(school)) {
			json.put("msg", "请正确填写入毕业院校");
			JSONUtils.printObject(json);
			return null;
		}

		String maritalStatus = SqlInfusion.FilteSqlInfusion(paramMap.get("maritalStatus"));// 婚姻状况(已婚 未婚)
		if (StringUtils.isBlank(maritalStatus)) {
			json.put("msg", "请正确填写入婚姻状况");
			JSONUtils.printObject(json);
			return null;
		}

		String hasChild = SqlInfusion.FilteSqlInfusion(paramMap.get("hasChild"));// 有无子女(有 无)

		if (StringUtils.isBlank(hasChild)) {
			json.put("msg", "请正确填写入有无子女");
			JSONUtils.printObject(json);
			return null;
		}
		String hasHourse = SqlInfusion.FilteSqlInfusion(paramMap.get("hasHourse"));// 是否有房(有 无)
		if (StringUtils.isBlank(hasHourse)) {
			json.put("msg", "请正确填写入是否有房");
			JSONUtils.printObject(json);
			return null;
		}

		String hasHousrseLoan = SqlInfusion.FilteSqlInfusion(paramMap.get("hasHousrseLoan"));// 有无房贷(有 无)
		if (StringUtils.isBlank(hasHousrseLoan)) {
			json.put("msg", "请正确填写入有无房贷");
			JSONUtils.printObject(json);
			return null;
		}

		String hasCar = SqlInfusion.FilteSqlInfusion(paramMap.get("hasCar"));// 是否有车 (有 无)
		if (StringUtils.isBlank(hasCar)) {
			json.put("msg", "请正确填写入是否有车");
			JSONUtils.printObject(json);
			return null;
		}

		String hasCarLoan = SqlInfusion.FilteSqlInfusion(paramMap.get("hasCarLoan"));// 有无车贷 (有 无)
		if (StringUtils.isBlank(hasCarLoan)) {
			json.put("msg", "请正确填写入有无车贷");
			JSONUtils.printObject(json);
			return null;
		}
		Long nativePlacePro = Convert.strToLong(paramMap.get("nativePlacePro"),
				-1);// 籍贯省份(默认为-1)
		if (StringUtils.isBlank(nativePlacePro.toString())) {
			json.put("msg", "请正确填写入籍贯省份");
			JSONUtils.printObject(json);
			return null;
		}
		Long nativePlaceCity = Convert.strToLong(paramMap
				.get("nativePlaceCity"), -1);// 籍贯城市
		// (默认为-1)
		if (StringUtils.isBlank(nativePlaceCity.toString())) {
			json.put("msg", "请正确填写入籍贯城市");
			JSONUtils.printObject(json);
			return null;
		}

		Long registedPlacePro = Convert.strToLong(paramMap
				.get("registedPlacePro"), -1);// 户口所在地省份(默认为-1)
		if (StringUtils.isBlank(registedPlacePro.toString())) {
			json.put("msg", "请正确填写入户口所在地省份");
			JSONUtils.printObject(json);
			return null;
		}

		Long registedPlaceCity = Convert.strToLong(paramMap
				.get("registedPlaceCity"), -1);// 户口所在地城市(默认为-1)

		if (StringUtils.isBlank(registedPlaceCity.toString())) {
			json.put("msg", "请正确填写入户口所在地城市");
			JSONUtils.printObject(json);
			return null;
		}

		String address =SqlInfusion.FilteSqlInfusion( paramMap.get("address"));// 所在地
		if (StringUtils.isBlank(address)) {
			json.put("msg", "请正确填写入所在地");
			JSONUtils.printObject(json);
			return null;
		}

		String telephone = SqlInfusion.FilteSqlInfusion(paramMap.get("telephone"));// 居住电话
		if (StringUtils.isBlank(telephone)) {
			json.put("msg", "请正确填写入你的家庭电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (!StringUtils.isBlank(telephone)) {
			if (!StringUtils.isNumeric(telephone)) {
				json.put("msg", "你的家庭电话输入不正确");
				JSONUtils.printObject(json);
				return null;
			}
			if (telephone.trim().length() < 7 || telephone.trim().length() > 11) {
				json.put("msg", "你的家庭电话输入长度不对");
				JSONUtils.printObject(json);
				return null;
			}
		}
		/* 用户头像 */
		String personalHead = SqlInfusion.FilteSqlInfusion(paramMap.get("personalHead"));// 个人头像 (默认系统头像)
		if (StringUtils.isBlank(personalHead)) {
			personalHead = null;
			json.put("msg", "请正确上传你的个人头像");
			JSONUtils.printObject(json);
			return null;
		}
		if (user == null) {
			json.put("msg", "超时请重新登录");
			JSONUtils.printObject(json);
			return null;
		}

		long personId = -1L;
		if (iscellPhone != null) {
			cellPhone = iscellPhone;
		}

		personId = userService.updateUserBaseData(realName, cellPhone, sex,
				birthday, highestEdu, eduStartDay, school, maritalStatus,
				hasChild, hasHourse, hasHousrseLoan, hasCar, hasCarLoan,
				nativePlacePro, nativePlaceCity, registedPlacePro,
				registedPlaceCity, address, telephone, personalHead, user
						.getId(), idNo);
		if (personId > 0) {
			// ==
			if (user.getAuthStep() == 1) {
				user.setAuthStep(2);
			}
			session().removeAttribute("randomCode");
			user.setPersonalHead(personalHead);// 将个人头像放到session里面
			json.put("msg", "保存成功");
			JSONUtils.printObject(json);
			request().setAttribute("person", "1");
			user.setRealName(realName);
			session().setAttribute("user", user);
			return null;
			// 成功
		} else {
			json.put("msg", "保存失败");
			// 失败
			JSONUtils.printObject(json);
			return null;
		}
	}

	/**
	 * 
	 * 初始化工作认证信息，
	 * 
	 * @return
	 * @throws Exception
	 */
	public String queryWorkInit() throws Exception {

		// ==============================
		Map<String, String> map = new HashMap<String, String>();
		Map<String, String> allworkmap = new HashMap<String, String>();
		User user = (User) session().getAttribute("user");
		provinceList = regionService.queryRegionList(-1L, 1L, 1);
		request().setAttribute("provinceList", provinceList);

		map = validateService.queryWorkDataById(user.getId());
		allworkmap = validateService.queryAllWorkStatus(user.getId());
		if (map != null && map.size() > 0) {
			workPro = Convert.strToLong(map.get("workPro").toString(), -1L);
			cityId = Convert.strToLong(map.get("workCity").toString(), -1L);
		}
		cityList = regionService.queryRegionList(-1L, workPro, 2);
		request().setAttribute("cityList", cityList);
		request().setAttribute("map", map);
		request().setAttribute("allworkmap", allworkmap);
		Map<String, String> pmap = userService.queryPersonById(user.getId());
		if (pmap != null && pmap.size() > 0) {
			request().setAttribute("pass", pmap.get("auditStatus"));
		}
		// 得都用户基本资料信息
		Map<String, String> mapList = userService.queryPersonById(user.getId());
		if (mapList == null) {
			mapList = new HashMap<String, String>();
		}
		int authStep = user.getAuthStep();
		if (authStep < 2) {
			request().setAttribute("person", "0");
		} else {
			request().setAttribute("person", "1");
		}
		request().setAttribute("realName", user.getRealName());

		return SUCCESS;
	}

	// =============================

	/**
	 * 
	 * 初始化基本资料信息，
	 * 
	 * @return
	 * @throws Exception
	 */
	public String queryBasicInit() throws Exception {
		Map<String, String> map = new HashMap<String, String>();
		User user = (User) session().getAttribute("user");
		String birth = null;
		String rxedate = null;
		if (user != null) {
			map = userService.queryPersonById(user.getId());
			if (map != null && map.size() > 0) {
				workPro = Convert.strToLong(map.get("nativePlacePro")
						.toString(), -1L);
				cityId = Convert.strToLong(map.get("nativePlaceCity")
						.toString(), -1L);
				regPro = Convert.strToLong(map.get("registedPlacePro")
						.toString(), -1L);
				regCity = Convert.strToLong(map.get("registedPlaceCity")
						.toString(), -1L);
				String birthd = map.get("birthday");
				birth = Convert.strToStr(map.get("birthday"), null);
				rxedate = Convert.strToStr(map.get("eduStartDay"), null);
				if (birth != null) {
					birth = birth.substring(0, 10);
				}
				if (rxedate != null) {
					rxedate = rxedate.substring(0, 10);
				}
			}
		}
		// 判断用户是否已经填写了基本信息
		String flag = "";
		if (map != null && map.size() > 0) {// 用户基本资料有数据但是不一定是已经填写了基本资料信息
											// 还有可能是上传了个人头像
			if (!StringUtils.isBlank(map.get("realName"))) {// 不为空
				flag = "1";
			} else {
				flag = "2";
			}
		} else {
			flag = "2";
		}
		request().setAttribute("flag", flag);
		provinceList = regionService.queryRegionList(-1L, 1L, 1);
		cityList = regionService.queryRegionList(-1L, workPro, 2);
		regcityList = regionService.queryRegionList(-1L, regPro, 2);
		request().setAttribute("map", map);
		request().setAttribute("provinceList", provinceList);
		request().setAttribute("cityList", cityList);
		request().setAttribute("regcityList", regcityList);
		request().setAttribute("birth", birth);
		request().setAttribute("rxedate", rxedate);
		request().setAttribute("ISDEMO", IConstants.ISDEMO);
		return SUCCESS;
	}

	/**
	 * 更新的工作认证资料添加
	 * 
	 * @throws SQLException
	 * @throws IOException
	 * @throws DataException
	 */
	public String updateUserWorkData() throws Exception {
		JSONObject json = new JSONObject();
		User user = (User) session().getAttribute("user");
		if (user.getAuthStep() == 1) {
			// 个人信息认证步骤
			json.put("msg", "querBaseData");
			JSONUtils.printObject(json);
			return null;
		}

		String orgName = SqlInfusion.FilteSqlInfusion(paramMap.get("orgName"));
		if (StringUtils.isBlank(orgName)) {
			json.put("msg", "请正确填写公司名字");
			JSONUtils.printObject(json);
			return null;
		} else if (2 > orgName.length() || 50 < orgName.length()) {
			json.put("msg", "公司名字长度为不小于2和大于50");
			JSONUtils.printObject(json);
			return null;
		}

		String occStatus = SqlInfusion.FilteSqlInfusion(paramMap.get("occStatus"));
		if (StringUtils.isBlank(occStatus)) {
			json.put("msg", "请填写职业状态");
			JSONUtils.printObject(json);
			return null;
		}
		Long workPro = Convert.strToLong(paramMap.get("workPro"), -1L);
		if (workPro == null || workPro == -1L) {
			json.put("msg", "请填写工作城市省份");
			JSONUtils.printObject(json);
			return null;
		}
		Long workCity = Convert.strToLong(paramMap.get("workCity"), -1L);
		if (workCity == null || workCity == -1L) {
			json.put("msg", "请填写工作城市");
			JSONUtils.printObject(json);
			return null;
		}
		String companyType = SqlInfusion.FilteSqlInfusion(paramMap.get("companyType"));
		if (StringUtils.isBlank(companyType)) {
			json.put("msg", "请填写公司类别");
			JSONUtils.printObject(json);
			return null;
		}
		String companyLine = SqlInfusion.FilteSqlInfusion(paramMap.get("companyLine"));
		if (StringUtils.isBlank(companyLine)) {
			json.put("msg", "请填写公司行业");
			JSONUtils.printObject(json);
			return null;
		}
		String companyScale = SqlInfusion.FilteSqlInfusion(paramMap.get("companyScale"));
		if (StringUtils.isBlank(companyScale)) {
			json.put("msg", "请填写公司规模");
			JSONUtils.printObject(json);
			return null;
		}
		String job = SqlInfusion.FilteSqlInfusion(paramMap.get("job"));
		if (StringUtils.isBlank(job)) {
			json.put("msg", "请填写职位");
			JSONUtils.printObject(json);
			return null;
		}
		String monthlyIncome = SqlInfusion.FilteSqlInfusion(paramMap.get("monthlyIncome"));
		if (StringUtils.isBlank(monthlyIncome)) {
			json.put("msg", "请填写月收入");
			JSONUtils.printObject(json);
			return null;
		}
		String workYear = SqlInfusion.FilteSqlInfusion(paramMap.get("workYear"));
		if (StringUtils.isBlank(workYear)) {
			json.put("msg", "请填写现单位工作年限");
			JSONUtils.printObject(json);
			return null;
		}
		String companyTel = SqlInfusion.FilteSqlInfusion(paramMap.get("companyTel"));
		if (StringUtils.isBlank(companyTel)) {
			json.put("msg", "请真确填写公司电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (!StringUtils.isNumeric(companyTel)) {
			json.put("msg", "请真确填写公司电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (companyTel.trim().length() < 7 || companyTel.trim().length() > 11) {
			json.put("msg", "请真确填写公司电话");
			JSONUtils.printObject(json);
			return null;
		}

		String workEmail = SqlInfusion.FilteSqlInfusion(paramMap.get("workEmail"));
		if (StringUtils.isBlank(workEmail)) {
			json.put("msg", "请填写工作邮箱");
			JSONUtils.printObject(json);
			return null;
		}
		String companyAddress = SqlInfusion.FilteSqlInfusion(paramMap.get("companyAddress"));
		if (StringUtils.isBlank(companyAddress)) {
			json.put("msg", "请填写公司地址");
			JSONUtils.printObject(json);
			return null;
		}
		String directedName =SqlInfusion.FilteSqlInfusion( paramMap.get("directedName"));
		if (StringUtils.isBlank(directedName)) {
			json.put("msg", "请填写直系人姓名");
			JSONUtils.printObject(json);
			return null;
		} else if (2 > directedName.length() || 50 < directedName.length()) {
			json.put("msg", "直系人姓名长度为不小于2和大于50");
			JSONUtils.printObject(json);
			return null;
		}

		String directedRelation =SqlInfusion.FilteSqlInfusion( paramMap.get("directedRelation"));
		if (StringUtils.isBlank(directedRelation)) {
			json.put("msg", "请填写直系人关系");
			JSONUtils.printObject(json);
			return null;
		}
		String directedTel = SqlInfusion.FilteSqlInfusion(paramMap.get("directedTel"));
		if (StringUtils.isBlank(directedTel)) {
			json.put("msg", "请真确填写直系人电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (!StringUtils.isNumeric(directedTel)) {
			json.put("msg", "请真确填写直系人电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (directedTel.trim().length() != 11) {
			json.put("msg", "请真确填写直系人电话长度错误");
			JSONUtils.printObject(json);
			return null;
		}

		String otherName = SqlInfusion.FilteSqlInfusion(paramMap.get("otherName"));
		if (StringUtils.isBlank(workPro.toString())) {
			json.put("msg", "请填写其他人姓名");
			JSONUtils.printObject(json);
			return null;
		} else if (2 > otherName.length() || 50 < otherName.length()) {
			json.put("msg", "其他人姓名长度为不小于2和大于50");
			JSONUtils.printObject(json);
			return null;
		}

		String otherRelation = SqlInfusion.FilteSqlInfusion(paramMap.get("otherRelation"));
		if (StringUtils.isBlank(otherRelation)) {
			json.put("msg", "请填写其他人关系");
			JSONUtils.printObject(json);
			return null;
		}
		String otherTel = SqlInfusion.FilteSqlInfusion(paramMap.get("otherTel"));
		if (StringUtils.isBlank(otherTel)) {
			json.put("msg", "请正确填写其他人联系电话");
			JSONUtils.printObject(json);
			return null;
		}

		if (!StringUtils.isNumeric(otherTel)) {
			json.put("msg", "请正确填写其他人联系电话");
			JSONUtils.printObject(json);
			return null;
		}
		if (otherTel.trim().length() != 11) {
			json.put("msg", "请真确填写直系人电话长度错误");
			JSONUtils.printObject(json);
			return null;
		}

		String moredName = SqlInfusion.FilteSqlInfusion(paramMap.get("moredName"));
		if (StringUtils.isBlank(moredName)) {
			json.put("msg", "morename");
			JSONUtils.printObject(json);
			return null;
		} else if (2 > moredName.length() || 50 < moredName.length()) {
			json.put("msg", "更多联系人姓名长度为不小于2和大于50");
			JSONUtils.printObject(json);
			return null;
		}
		String moredRelation = SqlInfusion.FilteSqlInfusion(paramMap.get("moredRelation"));
		if (StringUtils.isBlank(moredRelation)) {
			json.put("msg", "morereation");
			JSONUtils.printObject(json);
			return null;
		}
		String moredTel = SqlInfusion.FilteSqlInfusion(paramMap.get("moredTel"));
		if (StringUtils.isBlank(moredTel)) {
			json.put("msg", "moretel");
			JSONUtils.printObject(json);
			return null;
		}
		if (!StringUtils.isNumeric(moredTel)) {
			json.put("msg", "moretel");
			JSONUtils.printObject(json);
			return null;
		}
		if (moredTel.trim().length() != 11) {
			json.put("msg", "请真确填写直系人电话长度错误");
			JSONUtils.printObject(json);
			return null;
		}
		// 用户Id
		Long userId = user.getId();
		Long result = -1L;
		// 判断用户是否已经是vip
		Map<String, String> vipMap = null;
		vipMap = beVipService.queryUserById(user.getId());
		int vipStatus = 1;// 1 为非vip 2 为vip 3 代扣费vip
		int newutostept = -1;
		if (vipMap.size() > 0 && vipMap != null) {
			vipStatus = Convert.strToInt(vipMap.get("vipStatus"), 1);
			newutostept = Convert.strToInt(vipMap.get("authStep"), -1);// 用户此时的认证步骤状态
		}
		if (user != null) {
			result = userService.updateUserWorkData(orgName, occStatus,
					workPro, workCity, companyType, companyLine, companyScale,
					job, monthlyIncome, workYear, companyTel, workEmail,
					companyAddress, directedName, directedRelation,
					directedTel, otherName, otherRelation, otherTel, moredName,
					moredRelation, moredTel, userId, vipStatus, newutostept);
		}

		if (result > 0) {
			// 保存成功更新认证步骤
			if (user.getAuthStep() == 2) {
				user.setAuthStep(3);
			}

			if (vipStatus != 1) {// 是vip会员
				// 更新用户的session步骤和是更新user表中的认证步骤
				user.setAuthStep(4);
				json.put("msg", "vip保存成功");
				JSONUtils.printObject(json);
				return null;
			} else {
				json.put("msg", "保存成功");
				JSONUtils.printObject(json);
				return null;
			}

		} else {
			json.put("msg", "保存失败");
			JSONUtils.printObject(json);
			return null;
		}

	}

	public String updatePassword() throws Exception {
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		int safetyCount = 1;//默认有登录密码，及安全等级至少为20%
		if (user != null) {
			Map<String, String> pmap = userService
					.queryPersonById(user.getId());
			Map<String, String> umap = userService.queryUserById(user.getId());
			//实名认证
			/*if(StringUtils.isNotEmpty(pmap.get("realName"))){
				user.setIsBindIdNo(1);
				safetyCount++;
			}else{
				user.setIsBindIdNo(0);
			}*/
			Map<String, String> materialsauthMap = userService.isCheckIDCard(user.getId());
			if(materialsauthMap == null || materialsauthMap.size() == 0 || !(materialsauthMap.get("auditStatus").equals("3"))){
				user.setIsBindIdNo(0);
			}else{
				user.setIsBindIdNo(1);
				safetyCount++;
			}
			//绑定手机
			if(StringUtils.isNotEmpty(pmap.get("cellPhone"))){
				user.setIsBindMobile(1);
				safetyCount++;
			}else{
				user.setIsBindMobile(0);
			}
			//支付密码
			String password = umap.get("password");
			String dealpwd = umap.get("dealpwd");
			if(StringUtils.isNotEmpty(password)&&StringUtils.isNotEmpty(dealpwd)){
				if(!password.equals(dealpwd)){
					user.setCode(1);
					safetyCount++;
				}else{
					user.setCode(0);
				}
			}
			//密保问题
			// 根据用户ID查询
			Map<String, String> map = userService.queryQuestion(user.getId());
			if(null != map && map.size()>1){
				session().setAttribute("isBindQuestion", 1);
				safetyCount++;
			}else{
				session().setAttribute("isBindQuestion", 0);
			}
			//add by sunbing start
			if("".equals(user.getEmail())||null == user.getEmail()){
				session().setAttribute("isBindEmail", 0);
			}else{
				session().setAttribute("isBindEmail", 1);
			}
			//add by sunbing end
			double safetyLevel = (double)(Math.round((double)safetyCount*100)/5.0);
			session().setAttribute("safetyLevel", safetyLevel);
			session().setAttribute(IConstants.SESSION_USER, user);
			return "success";
		} else {
			return "login";
		}
	}
	public String realNameAuthen() throws Exception {
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		if (user != null) {
			Map<String, String> pmap = userService
					.queryPersonById(user.getId());
			paramMap = userService.queryUserById(user.getId());
			//判断用户是否已经实名认证
			//Map<String, String> materialsauthMap = userService.isCheckIDCard(user.getId());
			/*if(materialsauthMap == null || materialsauthMap.size() == 0 || !(materialsauthMap.get("auditStatus").equals("3"))){
				//实名认证标志位已放在session中使用的是session.user.isBindIdNo
				//request().setAttribute("userMaterialsauthStats", 0);
			}else{
				//request().setAttribute("userMaterialsauthStats", materialsauthMap.get("auditStatus"));
				String idNo = pmap.get("idNo");
				String IdCardNo = idNo.substring(0, 3)+"***"+idNo.substring(6, 10)+"********";
				request().setAttribute("IdCardNo", IdCardNo);
				
			}*/
			if(user.getIsBindIdNo() == 1){
				String idNo = pmap.get("idNo");
				String IdCardNo = idNo.substring(0, 3)+"***"+idNo.substring(6, 10)+"********";
				request().setAttribute("IdCardNo", IdCardNo);
			}
			return "success";
		} else {
			return "login";
		}
	}

	public String updatePassworddl() {
		return "success";
	}

	public String updatePasswordjy() {
		return "success";
	}

	public String updatePasswordjyQuestion() {
		return "success";
	}

	public String szform() {
		return "success";
	}

	public String zjManagerInit() {
		return "success";
	}

	/**
	 * (前台)账户管理 安全设置
	 * 
	 * @return
	 */
	public String updatexgmm() {
		User user = (User) session().getAttribute("user");
		Long id = user.getId();// 获得用户编号
		try {
			List<Map<String, Object>> lists = homeInfoSettingService
			.queryBankInfoList(id);
			for (Map<String, Object> map : lists) {
				if(null != map.get("cardNo")){
					String cardNo = String.valueOf(map.get("cardNo"));
					map.put("lastCardNo", cardNo.substring(cardNo.length()-6, cardNo.length()));//取银行后6位
				}
				if(null == map.get("cardUserName")){
					map.put("cardUserName", user.getRealName());//取用户真实姓名
				}
			}
			request().setAttribute("bankCardList", lists);
			request().setAttribute("realName", user.getRealName());
			/**
			String realName = "";
			Map<String, String> pmap = userService
					.queryPersonById(user.getId());
			Map<String, String> homeMap = myHomeService.queryHomeInfo(user
					.getId());
			request().setAttribute("homeMap", homeMap);
			
			if (pmap != null && pmap.size() > 0) {
				request().setAttribute("pass", pmap.get("auditStatus"));
				request().setAttribute("cellPhone", pmap.get("cellPhone"));
				realName = pmap.get("realName") + "";
			}

			request().setAttribute("emailBound", user.getEmail());
			request().setAttribute("realName", realName);
			request().setAttribute("lastDate", homeMap.get("lastDate"));
			**/
			

		} catch (Exception e) {
			log.error(e);
			e.printStackTrace();
		}

		return SUCCESS;
	}
	/***
	 * 进入绑定新手机页面（借款人）
	 * @return
	 */
	public String toBdNewPhone(){
		return SUCCESS;
	}

	public String updateQuestionInit() throws Exception {
		User user = (User) session().getAttribute("user");
		// 根据用户ID查询安全问题
		Map<String, String> map = userService.queryQuestion(user.getId());
		if(null != map && map.size()>1){
			//request().setAttribute("map", map);
			return "change";
		}else{
			return "success";
		}
	}

	/**
	 * 新增安全问题
	 * 
	 * @return [参数说明]
	 * @throws Exception 
	 * 
	 * @exception throws [违例类型] [违例说明]
	 * @see [类、类#方法、类#成员]
	 */
	public void addQuestion() throws Exception {
		User user = (User) session().getAttribute("user");
		String question = SqlInfusion.FilteSqlInfusion(paramMap.get("question"));
		String answer = SqlInfusion.FilteSqlInfusion(paramMap.get("answer"));
		String payPwd = SqlInfusion.FilteSqlInfusion(paramMap.get("dealpwd"));
		//验证交易密码
		Map<String, String> map = homeInfoSettingService.getDealPwd(user.getId());
		// 获得交易密码
		String dealpwd = map.get("dealpwd");// 交易密码默认为登录密码
		if (dealpwd == null || "".equals(dealpwd)) {
			dealpwd = user.getPassword();
		}
		if ("1".equals(IConstants.ENABLED_PASS)) {
			payPwd = com.shove.security.Encrypt.MD5(payPwd);
		} else {
			payPwd = com.shove.security.Encrypt.MD5(payPwd
					+ IConstants.PASS_KEY);
		}
		if (!payPwd.equals(dealpwd)) {// 交易密码输入错误
			JSONUtils.printStr("-1");
			return;
		}
		long result = -1;
		long result1 = -1;
		result = userService.addQuestion(user.getId(), question, answer);
		result1 =userService.updateUserSafeFlag(user.getId());
		if (result > 0&&result1>0) {
			JSONUtils.printStr("1");
			//成功则修改session中的值
			session().setAttribute("isBindQuestion", 1);
		} else {
			JSONUtils.printStr("2");
		}
	}
	/**
	 * 修改密保问题第一步
	 */
	public String changeSecretQuestion(){
		User user = (User) session("user");
		String oldQuestion = SqlInfusion.FilteSqlInfusion(Convert.strToStr(request().getParameter("secretQuestion"),null));
		String oldAnswer = SqlInfusion.FilteSqlInfusion(Convert.strToStr(request().getParameter("answer"),null));
		// 根据用户ID查询原始答案
		Map<String, String> answerMap;
		try {
			answerMap = userService.queryOldAnswer(user.getId(),
					oldAnswer, oldQuestion);
			if (null==answerMap) {//未设置过密保问题
				request().setAttribute("error", "1");
				this.addFieldError("paramMap.error", "<i class=\"icons reg-error\"></i>问题或密码不正确");
				return "fail";
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return SUCCESS;
	}
	/**
	 * 修改安全问题
	 * 
	 * @return [参数说明]
	 * 
	 * @return String [返回类型说明]
	 * @exception throws [违例类型] [违例说明]
	 * @see [类、类#方法、类#成员]
	 */
	public String updateQuestion() {
		User user = (User) session("user");
		String question = SqlInfusion.FilteSqlInfusion(paramMap.get("question"));
		String answer =SqlInfusion.FilteSqlInfusion( paramMap.get("answer"));
		long result = -1;
		try {
			result = userService.updateQuestion(user.getId(), question, answer);
			if (result > 0) {
				JSONUtils.printStr("1");
			} else {
				JSONUtils.printStr("2");
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return null;
	}

	public String queryQuestionAndAnswerInit() {
		String type = Convert.strToStr(request("type"), null);
		request().setAttribute("type", type);
		return "success";
	}
	/**
	 * @Title: forgotPwd
	
	 * @Description: 忘记密码跳转至找回密码第一步
	
	 * @return String   
	
	 */
	public String forgotPwd(){
		return SUCCESS;
	}
	/**
	 * @Title: findPwdStepOne
	
	 * @Description: 找回密码第一步，检验账户是否存在
	
	 * @return String   
	 * @throws Exception 
	
	 */
	public String findPwdStepOne() throws Exception{
		String pageId = SqlInfusion.FilteSqlInfusion(paramMap.get("pageId")); // 验证码
		String code = (String) session().getAttribute(pageId + "_checkCode");
		String _code = SqlInfusion.FilteSqlInfusion(paramMap.get("code").toString().trim());
		String userName = SqlInfusion.FilteSqlInfusion(paramMap.get("userName").toString().trim()); //用户名、邮箱或者手机号
		String type = Convert.strToStr(paramMap.get("type"), "0");
		if (code == null || !_code.equals(code)) {
			JSONUtils.printStr("-2");
			return null;
		}
		//TODO 校验用户名是否存在
		Map<String, String> userMap = userService.queryUserByUserName(userName);
		if(StringUtils.isBlank(userMap.get("username"))){
			JSONUtils.printStr("-1");
			return null;
		}
		userMap.put("findPwdType", type);
		session().setAttribute("findPwdMap", userMap);
		return SUCCESS;
	}
	/**
	 * @Title: resetPwdStepOneTo
	
	 * @Description: 找回密码第一步跳转至第二步
	
	 * @return String   
	
	 */
	public String findPwdStepTwo(){
		Map<String, String> userMap = (Map<String, String>) session().getAttribute("findPwdMap");
		if(null == userMap || userMap.size() < 1){
			return "stepOne";
		}
		String findPwdType = userMap.get("findPwdType");
		request().setAttribute("findPwdType", findPwdType);
		request().setAttribute("userName", userMap.get("username"));
		if("1".equals(findPwdType)){
			request().setAttribute("email", userMap.get("email"));
		}else if("2".equals(findPwdType)){
			request().setAttribute("mobilePhone", userMap.get("mobilePhone"));
		}
		return SUCCESS;
	}
	/*add by sunbing start*/
	public String retrievePayPwdOption(){
		User user = (User) session().getAttribute("user");
		List<Map<String, Object>> lists;
		int isBindMobile = user.getIsBindMobile();
		if(isBindMobile == 1){
			Map<String, String> userMap;
			try {
				userMap = userService.queryUserById(user.getId());
				String mobilePhone = userMap.get("mobilePhone");
				if(StringUtils.isNotEmpty(mobilePhone)){
					userMap.put("mobilePhone", mobilePhone.substring(0, 3) + "****" + mobilePhone.substring(7, 11));
				}
				request().setAttribute("userMap", userMap);
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		}
		try {
			lists = homeInfoSettingService
			.queryBankInfoList(user.getId());
			if(null != lists && lists.size() > 0){
				request().setAttribute("isBindBankCard", 1);
			}else{
				request().setAttribute("isBindBankCard", 0);
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return SUCCESS;
	}
	public String retrievePayPwdByBankCard(){
		User user = (User) session().getAttribute("user");
		int isBindMobile = user.getIsBindMobile();
		//判断用户是否绑定手机
		if(isBindMobile == 0){
			return "phone";
		}else{
			Map<String, String> userMap;
			try {
				userMap = userService.queryUserById(user.getId());
				String mobilePhone = userMap.get("mobilePhone");
				if(StringUtils.isNotEmpty(mobilePhone)){
					userMap.put("mobilePhone", mobilePhone.substring(0, 3) + "****" + mobilePhone.substring(7, 11));
				}
				request().setAttribute("userMap", userMap);
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		}
		try {
			List<Map<String, Object>> lists = homeInfoSettingService
			.queryBankInfoList(user.getId());
			if(null != lists && lists.size() > 0){
				request().setAttribute("bankCardList", lists);
				return SUCCESS;
			}else{
				return "bankcard";
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return SUCCESS;
	}
	public void sendVerifycodeForRetrievePayPwd() throws Exception{
		JSONObject obj = new JSONObject();
		String bankCardNo = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("bankCardNo"),null)).replaceAll("\\s*", "");
		String bankCardId =SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("bankCardId"),null));
		String sendType = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("sendType"),null));
		if(!"1".equals(sendType)){
			obj.put("result", "intervalErr");
			JSONUtils.printObject(obj);
			return;
		}
		if(bankCardNo == null || bankCardId ==  null){
			obj.put("result", "bankCardNoFailed");
			obj.put("msg", "请输入完整的银行卡号");
			JSONUtils.printObject(obj);
			return;
		}
		User user = (User) session().getAttribute("user");
		if(null != user){
			Map<String, String> cardExist = homeInfoSettingService.checkBankCardExist(user.getId(), bankCardId, bankCardNo);
			int cardExistFlag = Convert.strToInt(cardExist.get("count(*)"),0);
			if(cardExistFlag > 0){
				//发送验证码
				//手机号码直接从用户信息离查询
				Map<String,String> userMap = userService.queryUserById(user.getId());
				String telephone = userMap.get("mobilePhone");
				if(StringUtils.isEmpty(telephone)){
					//获取手机号码失败
					obj.put("result", "failed");
					obj.put("msg", "手机号码获取失败");
					JSONUtils.printObject(obj);
					return;
				}
				StringBuffer telephoneCode = new StringBuffer();
			
				// 获取验证码
				for (int i = 0; i < 6; i++) {
					telephoneCode.append((int) (Math.random() * 10));
				}
				session().setAttribute("telephoneCode", telephoneCode+"");

				System.out.println(telephoneCode.toString());
				
				Map<String, String> map = sMsService.getSMSById(1);	
				
				SMSUtil.sendSMS(map.get("Account"), map
						.get("Password"), "您的验证码为 "
						+ telephoneCode.toString()+"（请在页面输入以完成验证），如非本人操作，请忽略本短信。有问题请致电：4008-893-983", telephone,"");
				obj.put("result", "success");
				JSONUtils.printObject(obj);
			}else{
				obj.put("result", "failed");
				obj.put("msg", "银行卡号错误");
				JSONUtils.printObject(obj);
			}
		}else{
			obj.put("result", "needLogin");
			JSONUtils.printObject(obj);
		}
	}
	public void retrievePayPwdByBankCardConfirm() throws Exception{
		JSONObject obj = new JSONObject();
		String bankCardNo = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("bankCardNo"),null)).replaceAll("\\s*", "");
		String bankCardId =SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("bankCardId"),null));
		String verifyCode = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("verifyCode"),null));
		String newPayPassword = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("newPayPassword"),null));
		User user = (User) session().getAttribute("user");
		String telephoneCode = (String)session().getAttribute("telephoneCode");
 		if(bankCardNo == null || bankCardId ==  null){
			obj.put("result", "bankCardNoFailed");
			obj.put("msg", "请输入完整的银行卡号");
			JSONUtils.printObject(obj);
			return;
		}
		if(verifyCode == null){
			obj.put("result", "noPhoneCode");
			obj.put("msg", "请输入手机验证码");
			JSONUtils.printObject(obj);
			return;
		}
		if(newPayPassword == null){
			obj.put("result", "noPayPwd");
			obj.put("msg", "请输入新的支付密码");
			JSONUtils.printObject(obj);
			return;
		}
		if(StringUtils.isEmpty(telephoneCode)){
			obj.put("result", "phoneCodeTimeout");
			obj.put("msg", "验证码超时");
			JSONUtils.printObject(obj);
			return;
		}
		if(null != user){
			Map<String, String> cardExist = homeInfoSettingService.checkBankCardExist(user.getId(), bankCardId, bankCardNo);
			int cardExistFlag = Convert.strToInt(cardExist.get("count(*)"),0);
			if(cardExistFlag > 0){
				//校验验证码是否正确
				if(verifyCode.equals(telephoneCode)){
					//移除验证码
					session().setAttribute("telephoneCode", "");
					//判断交易密码跟登录密码是否相同
					String payPwd = "";
					if ("1".equals(IConstants.ENABLED_PASS)) {
						payPwd = com.shove.security.Encrypt.MD5(newPayPassword);
					} else {
						payPwd = com.shove.security.Encrypt.MD5(newPayPassword
								+ IConstants.PASS_KEY);
					}
					if (payPwd.equals(user.getPassword())) {// 交易密码与登录密码相同
						obj.put("result", "PayPwdFailed");
						obj.put("msg", "支付密码不能与登录密码相同");
						JSONUtils.printObject(obj);
					}else{
					//修改交易密码
					long result = homeInfoSettingService.updateUserPassword(user.getId(),
							newPayPassword,"");
					if (result < 0) {//修改失败
					} else {//修改成功
						obj.put("result", "success");
						JSONUtils.printObject(obj);
					}
					}
				}else{
					obj.put("result", "phoneCodeFailed");
					obj.put("msg", "手机验证码错误");
					JSONUtils.printObject(obj);
				}
			}else{
				obj.put("result", "failed");
				obj.put("msg", "银行卡号错误");
				JSONUtils.printObject(obj);
			}
		}else{
			obj.put("result", "needLogin");
			JSONUtils.printObject(obj);
		}
	}
	public String retrievePayPwdSuccess(){
		return SUCCESS;
	}
	public String retrievePayPwd(){
		User user = (User) session().getAttribute("user");
		// 根据用户ID查询安全问题
		Map<String, String> map;
		try {
			map = userService.queryQuestion(user.getId());
			if(null != map && map.size()>1){
				//request().setAttribute("map", map);
				return SUCCESS;
			}else{
				return "question";
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		return SUCCESS;
	}
	public void askAndAnswerIsExist() throws Exception{
		String obtainQuestion = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("obtainQuestion"),null));
		String obtainAnswer = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("obtainAnswer"),null));
		User user = (User) session().getAttribute("user");
		// 根据用户ID查询原始答案
		Map<String, String> answerMap;
		try {
			answerMap = userService.queryOldAnswer(user.getId(),
					obtainAnswer, obtainQuestion);
			if (null==answerMap) {//未设置过密保问题
				JSONUtils.printStr("1");
			}else{
				JSONUtils.printStr("2");
			}
		} catch (Exception e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}
	public void toResetPayPassWord() throws Exception{
		String newPayPass = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("newPayPass"),null));
		User user = (User) session().getAttribute("user");
		if(newPayPass == null){
			JSONUtils.printStr("-1");
			return;
		}
		//判断交易密码跟登录密码是否相同
		String payPwd = "";
		if ("1".equals(IConstants.ENABLED_PASS)) {
			payPwd = com.shove.security.Encrypt.MD5(newPayPass);
		} else {
			payPwd = com.shove.security.Encrypt.MD5(newPayPass
					+ IConstants.PASS_KEY);
		}
		if (payPwd.equals(user.getPassword())) {// 交易密码与登录密码相同
			JSONUtils.printStr("-100");
		}else{
		//修改交易密码
		long result = homeInfoSettingService.updateUserPassword(user.getId(),
				newPayPass,"");
		if (result < 0) {//修改失败
			JSONUtils.printStr("-2");
		} else {//修改成功
			JSONUtils.printStr("2");
		}
		}
	}
	
	/*add by sunbing end*/
	/**
	 * 验证用户名、安全问题、安全答案
	 * 
	 * @return [参数说明]
	 * 
	 * @return String [返回类型说明]
	 * @exception throws [违例类型] [违例说明]
	 * @see [类、类#方法、类#成员]
	 */
	public String queryQuestionAndAnswer() {
		String userName = SqlInfusion.FilteSqlInfusion(paramMap.get("userName"));
		String question =SqlInfusion.FilteSqlInfusion( paramMap.get("question"));
		String answer = SqlInfusion.FilteSqlInfusion(paramMap.get("answer"));
		String type = SqlInfusion.FilteSqlInfusion(paramMap.get("type"));
		try {
			Map<String, String> userIdMap = userService.queryIdByUser(userName);
			if (null != userIdMap && null != userIdMap.get("id")) {
				Long userId = Long.valueOf(userIdMap.get("id").toString());
				// 根据用户验证密保问题答案
				Map<String, String> answerMap = userService.queryOldAnswer(
						userId, answer, question);
				if (null != answerMap && null != answerMap.get("question")
						&& null != answerMap.get("answer")) {
					JSONUtils.printStr(userId + "");// 验证成功
				} else {
					JSONUtils.printStr("-2");// 问题或答案不正确
				}

			} else {
				JSONUtils.printStr("-3");// 该用户不存在
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return null;
	}

	public String newPswInit() {
		String userId = SqlInfusion.FilteSqlInfusion(Convert.strToStr(request("userId"), null));
		request().setAttribute("userId", userId);
		String type =SqlInfusion.FilteSqlInfusion( Convert.strToStr(request("type"), null));
		request().setAttribute("type", type);
		String key = SqlInfusion.FilteSqlInfusion(request("key"));
		if (key != null && !"".equals(key)) {
			return key;
		}
		return SUCCESS;
	}
	
	/**
	 * 投资人 绑定手机号码初始化
	 * 
	 * @return
	 */
	public String bindingCellphoneInit() {
		return SUCCESS;
	}
	
	/**
	 * 投资人绑定手机号码
	 * 
	 */
	public void bindingCellphone() throws Exception{
		User user = (User) session().getAttribute("user");
		//获取手机号码
		String telephone = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("telephone"), null));
		//获取前台提交手机验证码
		String code = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("verifycode"), null));
		//获取前台交易密码
		String payPwd = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("payPwd"), null));
		if (telephone == null || telephone == "") {
			JSONUtils.printStr("-1");// 获取手机号码失败
			return;
		}
		if (code == null || code == "") {
			JSONUtils.printStr("-2");// 获取验证码失败
			return;
		}
		if (payPwd == null || payPwd == "") {
			JSONUtils.printStr("-3");// 获取交易密码失败
			return;
		}
		//验证手机号码是否已绑定
		Long vidResult = userService.queryUserIdByPhone(telephone);
		if (vidResult > 0) {
			// 该号码已绑定
			JSONUtils.printStr("0");
			return;
		}
		//验证交易密码
		Map<String, String> map = homeInfoSettingService.getDealPwd(user.getId());
		// 获得交易密码
		String dealpwd = map.get("dealpwd");// 交易密码默认为登录密码
		if (dealpwd == null || "".equals(dealpwd)) {
			dealpwd = user.getPassword();
		}
		if ("1".equals(IConstants.ENABLED_PASS)) {
			payPwd = com.shove.security.Encrypt.MD5(payPwd);
		} else {
			payPwd = com.shove.security.Encrypt.MD5(payPwd
					+ IConstants.PASS_KEY);
		}
		if (!payPwd.equals(dealpwd)) {// 交易密码输入错误
			JSONUtils.printStr("1");
			return;
		}
		String telephoneCode = new String();
		telephoneCode = (String)session().getAttribute("telephoneCode");
		if(telephoneCode == null || telephoneCode == ""){
			JSONUtils.printStr("-4");// 系统异常
			return;
		}
		if(code.equals(telephoneCode)){
			Long result = userService.updataUserCellphone(user.getId(),telephone);
			if(result > 0){
				//移除验证码
				session().setAttribute("telephoneCode", "");
				user.setIsBindMobile(1);
				session().setAttribute("user", user);
				JSONUtils.printStr("3");// 绑定手机成功
			}
			return;
		}else{
			JSONUtils.printStr("2");// 验证码错误
			return;
		}
	}
	/**
	 * 投资人 更改手机号码
	 * 
	 * @return
	 */
	public String changeCellphoneInit() {
		User user = (User) session().getAttribute("user");
		try {
			if(user == null){
				return "toLogin";
			}
			Map<String,String> userMap = userService.queryUserById(user.getId());
			String mobilePhone = userMap.get("mobilePhone");
			if(StringUtils.isNotEmpty(mobilePhone)){
				userMap.put("mobilePhone", mobilePhone.substring(0, 3) + "****" + mobilePhone.substring(7, 11));
			}
			request().setAttribute("userMap", userMap);
		} catch (Exception e) {
			log.error(e);
			e.printStackTrace();
		}

		return SUCCESS;
	}
	
	/**
	 * 投资人 更改手机号码 第二步
	 * 
	 * @return
	 */
	public String changeCellphoneNext() {
		User user = (User) session().getAttribute("user");
		String verifycode = SqlInfusion.FilteSqlInfusion(Convert.strToStr(request().getParameter("verifycode"),null));
		if(verifycode == null){
			this.addFieldError("paramMap.code", "<i class=\"icons reg-error\"></i>请输入验证码");
			return "fail";
		}
		try {
			if(user == null){
				return "toLogin";
			}
			Map<String,String> userMap = userService.queryUserById(user.getId());
			String mobilePhone = userMap.get("mobilePhone");
			if(StringUtils.isNotEmpty(mobilePhone)){
				userMap.put("mobilePhone", mobilePhone.substring(0, 3) + "****" + mobilePhone.substring(7, 11));
			}
			request().setAttribute("userMap", userMap);
			String telephoneCode = new String();
			telephoneCode = (String)session().getAttribute("telephoneCode");
			if(telephoneCode == null || telephoneCode == ""){
				this.addFieldError("paramMap.code", "<i class=\"icons reg-error\"></i>请获取手机验证码");
				return "fail";
			}else{
				if(!verifycode.equals(telephoneCode)){
					this.addFieldError("paramMap.code", "<i class=\"icons reg-error\"></i>手机验证码错误");
					return "fail";// 验证失败
				}else{
					//移除验证码
					session().setAttribute("telephoneCode", "");
					return SUCCESS;
				}
			}
		} catch (Exception e) {
			log.error(e);
			e.printStackTrace();
		}
		return null;
	}
	
	/**
	 * 投资人 更改手机号码 第三步
	 * 
	 * @return
	 * @throws Exception 
	 */
	public void changeCellphoneLast() throws Exception {
		User user = (User) session().getAttribute("user");
		//获取手机号码
		String telephone = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("telephone"), null));
		//获取前台提交手机验证码
		String code = SqlInfusion.FilteSqlInfusion(Convert.strToStr(paramMap.get("verifycode"), null));
		if (telephone == null || telephone == "") {
			JSONUtils.printStr("-1");// 获取手机号码失败
			return;
		}
		if (code == null || code == "") {
			JSONUtils.printStr("-2");// 获取验证码失败
			return;
		}
		//验证手机号码是否已绑定
		Long vidResult = userService.queryUserIdByPhone(telephone);
		if (vidResult > 0) {
			// 该号码已绑定
			JSONUtils.printStr("0");
			return;
		}
		String telephoneCode = new String();
		telephoneCode = (String)session().getAttribute("telephoneCode");
		if(telephoneCode == null || telephoneCode == ""){
			JSONUtils.printStr("-3");// 系统异常
			return;
		}
		if(code.equals(telephoneCode)){
			Long result = userService.updataUserCellphone(user.getId(),telephone);
			if(result > 0){
				//移除验证码
				session().setAttribute("telephoneCode", "");
				user.setIsBindMobile(1);
				session().setAttribute("user", user);
				JSONUtils.printStr("2");// 绑定手机成功
			}
			return;
		}else{
			JSONUtils.printStr("1");// 验证码错误
			return;
		}
	}
	/***
	 * 找回交易密码初始化
	 * @return
	 */
	public String findTradePassword(){
		return SUCCESS;
	}
	/***
	 * 判断是否已经绑定了手机
	 * @return
	 * @throws Exception 
	 */
	public String tofindByCellphone() throws Exception{
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		if(user!=null){
			Map<String, String> pmap = userService.queryPersonById(user.getId());
//			paramMap = userService.queryUserById(user.getId());
			String cellPhone = pmap.get("cellPhone");
			if(cellPhone.equals("")||cellPhone==null){
				JSONUtils.printStr("-1");
			}else{
				JSONUtils.printStr("1");
			}
		}
		return null;
	}
	/***
	 * 手机找回交易密码初始化
	 * @return
	 * @throws Exception 
	 */
	public String findTradePasswordByCellphone() throws Exception{
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		if(user!=null){
			Map<String, String> pmap = userService.queryPersonById(user.getId());
			paramMap = userService.queryUserById(user.getId());
		}else{
			return "login";
		}
		return SUCCESS;
	}
	
	/***
	 * 判断是否已经绑定了邮箱
	 * @return
	 * @throws Exception 
	 */
	public String tofindByEmail() throws Exception{
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		if(user!=null){
			paramMap = userService.queryUserById(user.getId());
			String email = paramMap.get("email");
			if(email.equals("")||email==null){
				JSONUtils.printStr("-1");
			}else{
				JSONUtils.printStr("1");
			}
		}
		return null;
	}
	/***
	 * 邮箱找回交易密码初始化
	 * @return
	 * @throws Exception 
	 */
	public String findTradePasswordByEmail() throws Exception{
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		if(user!=null){
			paramMap = userService.queryUserById(user.getId());
		}else{
			return "login";
		}
		return SUCCESS;
	}
	
	/***
	 * 判断邮箱验证码是否正确
	 * @param iDCardValidateService
	 * @throws IOException 
	 */
	public String toNextDealPwd() throws IOException{
		JSONObject obj = new JSONObject();
		String code = SqlInfusion.FilteSqlInfusion(paramMap.get("code").toString().trim());
		String pageId = SqlInfusion.FilteSqlInfusion(paramMap.get("pageId"));
		String mailCode = SqlInfusion.FilteSqlInfusion(paramMap.get("mailCode"));
		String code2 = (String) session().getAttribute(pageId + "_checkCode");
		
		if((code != null && code != "") && (pageId != null && pageId != "")){
			if(!code.equals(code2)){
				obj.put("mailAddress", "-2");
				JSONUtils.printObject(obj);
				return null;
			}
		}
		String confirmTelephone = SqlInfusion.FilteSqlInfusion((String) session().getAttribute("mailCode"));
		if (confirmTelephone == null || (!mailCode.equals(confirmTelephone))) {
			obj.put("mailAddress", "-1");// 邮箱验证码输入有误
			JSONUtils.printObject(obj);
			return null;
		}
		return null;
	}
	/*add by sunbing start*/
	public void checkSecurity() throws Exception{
		//获取账户安全等级:实名认证/绑定手机/支付密码/密保问题
		User user = (User) session().getAttribute(IConstants.SESSION_USER);
		int safetyCount = 1;//默认有登录密码，及安全等级至少为20%
		if(null!=user){
			Map<String, String> pmap = userService.queryPersonById(user.getId());
			Map<String, String> umap = userService.queryUserById(user.getId());
			//实名认证
			/*if(StringUtils.isNotEmpty(pmap.get("realName"))){
				user.setIsBindIdNo(1);
				safetyCount++;
			}else{
				user.setIsBindIdNo(0);
			}*/
			Map<String, String> materialsauthMap = userService.isCheckIDCard(user.getId());
			if(materialsauthMap == null || materialsauthMap.size() == 0 || !(materialsauthMap.get("auditStatus").equals("3"))){
				user.setIsBindIdNo(0);
			}else{
				user.setIsBindIdNo(1);
				safetyCount++;
			}
			//绑定手机
			if(StringUtils.isNotEmpty(pmap.get("cellPhone"))){
				user.setIsBindMobile(1);
				safetyCount++;
			}else{
				user.setIsBindMobile(0);
			}
			//支付密码
			String password = umap.get("password");
			String dealpwd = umap.get("dealpwd");
			if(StringUtils.isNotEmpty(password)&&StringUtils.isNotEmpty(dealpwd)){
				if(!password.equals(dealpwd)){
					user.setCode(1);
					safetyCount++;
				}else{
					user.setCode(0);
				}
			}
			//密保问题
			// 根据用户ID查询
			Map<String, String> map = userService.queryQuestion(user.getId());
			if(null != map && map.size()>1){
				session().setAttribute("isBindQuestion", 1);
				safetyCount++;
			}else{
				session().setAttribute("isBindQuestion", 0);
			}
			double safetyLevel = (double)(Math.round((double)safetyCount*100)/5.0);
			session().setAttribute("safetyLevel", safetyLevel);
			session().setAttribute(IConstants.SESSION_USER, user);
		}
		JSONUtils.printStr("1");
	}
	/*add by sunbing end*/
	public void setiDCardValidateService(
			IDCardValidateService iDCardValidateService) {
		this.iDCardValidateService = iDCardValidateService;
	}

	public UserService getUserService() {
		return userService;
	}

	public ValidateService getValidateService() {
		return validateService;
	}

	public void setValidateService(ValidateService validateService) {
		this.validateService = validateService;
	}

	public void setUserService(UserService userService) {
		this.userService = userService;
	}

	public RegionService getRegionService() {
		return regionService;
	}

	public void setRegionService(RegionService regionService) {
		this.regionService = regionService;
	}

	public List<Map<String, Object>> getProvinceList() {
		return provinceList;
	}

	public void setProvinceList(List<Map<String, Object>> provinceList) {
		this.provinceList = provinceList;
	}

	public List<Map<String, Object>> getCityList() {
		return cityList;
	}

	public void setCityList(List<Map<String, Object>> cityList) {
		this.cityList = cityList;
	}

	public List<Map<String, Object>> getAreaList() {
		return areaList;
	}

	public void setAreaList(List<Map<String, Object>> areaList) {
		this.areaList = areaList;
	}

	public List<Map<String, Object>> getRegcityList() {
		return regcityList;
	}

	public void setRegcityList(List<Map<String, Object>> regcityList) {
		this.regcityList = regcityList;
	}

	public long getWorkPro() {
		return workPro;
	}

	public void setWorkPro(long workPro) {
		this.workPro = workPro;
	}

	public long getCityId() {
		return cityId;
	}

	public void setCityId(long cityId) {
		this.cityId = cityId;
	}

	public long getRegPro() {
		return regPro;
	}

	public void setRegPro(long regPro) {
		this.regPro = regPro;
	}

	public long getRegCity() {
		return regCity;
	}

	public void setRegCity(long regCity) {
		this.regCity = regCity;
	}

	public void setBeVipService(BeVipService beVipService) {
		this.beVipService = beVipService;
	}

	public void setIDCardValidateService(
			IDCardValidateService cardValidateService) {
		iDCardValidateService = cardValidateService;
	}

}
